ietf

Re: GRE and L2TP

2004-03-18 13:42:35

Rohit Gupta wrote:

Hi,

What is it in L2TP that I can't do with a simple GRE tunneling when implementing a remote access VPN for a mobile client to connect to the corporate network? In L2TP, since it uses PPP end-to-end, the LNS is able to supply dynamic IP address using IPCP to the remote client. LNS takes this IP address from a pool of IP addresses it has. If one were to use GRE, then the same can be done by using some out-of-band mechanism (or even have a fixed IP address which the mobile client is instructed to use). GRE will tunnel the data packet originated from the mobile client, the inner IP header will have the IP addresses as assigned by the corporate network. The outer IP header will contain the IP address of the ISP and the gateway to reach the corporate network.

GRE is an encapsulation. If you can manually provision or have some other "out of band" mechanism that does everything L2TP and PPP would otherwise do for you, then by all means use GRE - or IP in IP for that matter, as your scenario with fixed IP addresses for all mobile clients (which I would think is a showstopper from the start) does not obviate the need for a GRE shim either.

L2TP is an encapsulation that allows multiplexing of multiple PPP sessions between two IP-connected endpoints, and a control protocol for dynamically establishing and maintaining the emulation of these PPP sessions. This is very different than GRE (though there are some ways to deploy L2TP between two routers to make it look like it is doing what GRE typically does in a bit more of a dynamic manner, though this is really a subset of L2TP's overall functionality).

Since you indicate that this is for a mobile environment, you might want to look at using Mobile IP.


My whole point is that I want to know as to what is the burning need to have L2TP!

This question probably has more to do with whether you need PPP. If you do, L2TP could work for you to transport that PPP session (or many PPP sessions) over an IP network. If not, I see no reason for you to be burning with need for L2TP!

- Mark


Regards,
Rohit

P.S.

Am not sure if this is indeed the right place to ask this question. But since there will be a lot of experienced people on this list who would have worked on both these protocols, replying to this one should be very easy.

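The difference drawn in the reply between GRE as a plain encapsulation and L2TP as an encapsulation that multiplexes PPP sessions and carries its own control protocol is visible in the two headers. The following is an added example, not part of the original thread: it parses the L2TPv2 header (RFC 2661) and the GRE header (RFC 2784, with the optional Key from RFC 2890). The function names and the sample packets are constructed for illustration.

```python
import struct

def parse_l2tp(buf: bytes) -> dict:
    """Parse an L2TPv2 header (RFC 2661, section 3.1) from a UDP payload."""
    try:
        (flags,) = struct.unpack_from("!H", buf, 0)
        if flags & 0x000F != 2:
            raise ValueError("not L2TPv2")
        off = 4 if flags & 0x4000 else 2          # L bit: Length field present
        tunnel_id, session_id = struct.unpack_from("!HH", buf, off)
        off += 4
        if flags & 0x0800:                        # S bit: Ns and Nr present
            off += 4
        if flags & 0x0200:                        # O bit: Offset Size + padding
            (pad,) = struct.unpack_from("!H", buf, off)
            off += 2 + pad
    except struct.error as exc:
        raise ValueError("truncated L2TP header") from exc
    if off > len(buf):
        raise ValueError("truncated L2TP header")
    return {"control": bool(flags & 0x8000),      # T bit: control vs. data message
            "tunnel_id": tunnel_id, "session_id": session_id,
            "payload": buf[off:]}                 # PPP frame for data messages

def parse_gre(buf: bytes) -> dict:
    """Parse a GRE header: only a payload type, optionally a Key."""
    try:
        flags, proto = struct.unpack_from("!HH", buf, 0)
        if flags & 0x0007:
            raise ValueError("unsupported GRE version")
        off, key = (8 if flags & 0x8000 else 4), None   # C bit: Checksum word
        if flags & 0x2000:                        # K bit: Key (RFC 2890)
            (key,) = struct.unpack_from("!I", buf, off)
    except struct.error as exc:
        raise ValueError("truncated GRE header") from exc
    return {"protocol": proto, "key": key}

def l2tp_sessions(packets):
    """Distinct (tunnel, session) pairs carried by L2TP data messages."""
    return sorted({(p["tunnel_id"], p["session_id"])
                   for p in map(parse_l2tp, packets) if not p["control"]})

# Constructed sample packets (not captured traffic).
L2TP_SAMPLES = [bytes.fromhex(h) for h in (
    "000200070001ff03c021",        # data: tunnel 7, session 1, PPP LCP
    "000200070002ff038021",        # data: tunnel 7, session 2, PPP IPCP
    "c802000c0007000000000000")]   # control message on tunnel 7 (no payload)
GRE_SAMPLE = bytes.fromhex("000008004500")   # GRE carrying IPv4, no Key
```

On the samples, one L2TP tunnel carries two separate PPP sessions plus a control message, while the GRE header states only the payload protocol.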





